package csu.jpetstore.jpetstore.controller;

import csu.jpetstore.jpetstore.domain.Orders;
import csu.jpetstore.jpetstore.dto.OrdersDTO;
import csu.jpetstore.jpetstore.result.Result;
import csu.jpetstore.jpetstore.result.ResultFactory;
import csu.jpetstore.jpetstore.service.OrderService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.RequiresAuthentication;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.servlet.http.HttpSession;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

@CrossOrigin
@RestController
@RequiresAuthentication
@RequestMapping(value = "/api")
public class OrdersController {
    @Autowired
    OrderService orderService;

    //add添加
    @RequestMapping(value = "/Orders",method = RequestMethod.POST)
    public Result getOrders(){
        //这里！！！！！！！！！！！
        //userId不是用户给的！是你自己从session中获得的
        String userId = SecurityUtils.getSubject().getPrincipal().toString();
        List<Orders> allOrders = orderService.getOrderByUserid(userId);
        Map<String,OrdersDTO> orders = new HashMap<>();
        for (Orders signalOrder : allOrders) {
            String orderId = signalOrder.getOrderId();
            if(orders.containsKey(orderId)){
                orders.get(orderId).getOrders().add(signalOrder);
            }else{
                OrdersDTO ordersDTO =new OrdersDTO();
                ordersDTO.setOrderId(orderId);
                ordersDTO.setUserId(signalOrder.getUser().getId());
                ordersDTO.getOrders().add(signalOrder);
                orders.put(orderId,ordersDTO);
            }
        }
        return ResultFactory.getSuccess("搜索成功",orders);
        //|||||||上面修改一下，用OrdersDTO整合以后在传
    }

    //delete
    @RequestMapping(value = "/Orders",method = RequestMethod.DELETE)
    public Result deleteOrders(@RequestBody List<Orders> orders){
        ///这里有问题， 提交的是List数组 而不是单个的orders
        //解释：每一个订单是有多个数据库元组对应的，而不是单一的。
        //另：订单的唯一标识是orderId， 而不是order的id
        for(int i=0;i<=orders.size();i++){
            orderService.delete(orders.get(i).getOrderId());
        }
        return ResultFactory.getSuccess("删除成功",true);
    }



    //update

    @RequestMapping(value = "/Orders",method = RequestMethod.PATCH)
    public Result updateOrders(@RequestBody Orders orders){
        //这里有安全问题，可以先搁置
        orderService.updateOrder(orders);
        return ResultFactory.getSuccess("添加成功",true);
    }


    //query
    //查询用户的全部订单
    @RequestMapping(value = "/Orders",method = RequestMethod.GET)
    public Result findAllByUser(){
        HttpSession session = ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes())
                .getRequest().getSession();
        String userId = (String)session.getAttribute("userID");
        List<Orders> orders = orderService.getOrderByUserid(userId);
        OrdersDTO ordersDTO = new OrdersDTO();
        ordersDTO.setOrderId(orders.get(0).getOrderId());
        ordersDTO.setOrders(orders);
        ordersDTO.setUserId(userId);
        return ResultFactory.getSuccess("搜索成功",ordersDTO);
    }


    //查询全部订单，管理员用
    @RequiresRoles("admin")
    @RequestMapping(value = "/Orders/?",method = RequestMethod.GET)
    public Result findAll(){
        List<Orders> orders = orderService.findAll();
        return ResultFactory.getSuccess("搜索成功",orders);
    }


    //查询某个订单
    @RequestMapping(value = "/Orders/{orderId}",method = RequestMethod.GET)
    public Result findOne(@PathVariable String orderId){
        List<Orders> orders = orderService.getOrderByOrderId(orderId);
        OrdersDTO ordersDTO = new OrdersDTO();
        ordersDTO.setOrderId(orders.get(0).getOrderId());
        ordersDTO.setOrders(orders);
        ordersDTO.setUserId(orders.get(0).getUser().getNickname());
        return ResultFactory.getSuccess("搜索成功",ordersDTO);
    }
}
